<?php
if (!class_exists('AlfaSecurityFilter')) {
	/**
	 * @author Alecsandru Gabriel DINU
	 * @since Jul 19, 2008
	 * Security filter class. Check if access is allowed to the given resource, 
	 * with the given context. 
	 * If not allowed, this method may redirect to a 403 page.
	 */
	class AlfaSecurityFilter  extends AlfaFilter {
		private $devMode = false;
		
		/**
		 * Class constructor.
		 * @access public
		 * @param AlfaFilterConfig
		 */
		public function __construct(AlfaFilterConfig $filterConfig) {
			parent::__construct($filterConfig);
		}
		
		/**
		 * Performs initialization.
		 * @access public
		 */
		public function init() {
			$config = AlfaConfiguration::getInstance();
			$this->devMode = $config->getBoolean("webapp/devMode", $this->devMode);
		}

		
		/**
		 * Performs the security filtering.
		 * @access public
		 * @param Context
		 * @param AlfaFilterChain
		 */
		public function doFilter(Context $context, AlfaFilterChain $chain) {
			$securityManager = new SecurityManager(& $context, $this->devMode);
		    try {
    			$securityManager->checkPermission();
    			return $chain->doFilter(& $context);
    		} catch (SecurityException $e) {
    			$context->redirect("/403");	
    		}			
		}
		
	}
}